Skip to main content

Information Security Overview

Information Security Overview


1- Definition - Information security is a state of well-being of information and infrastructure in which the possibility of theft, tampering, and disruption of information and services is kept low.

2- Essential terminology
Hack value – is the notion among hackers that something is worth doing or is interesting.

Vulnerability  – is the existence of a weakness (design or implementation error) that can lead to an unexpected event compromising the security of the system.

Exploit – is a breach of an IT system security through vulnerabilities.Payload – is the part of an exploit code that performs an intended malicious action.

Zero-Day attack – is an attack that exploits the computer vulnerability before software engineer releases a patch.

Daisy Chaining – it involves gaining access to a network and /or computer and then using the same information to gain access to multiple networks and computers that contains desirable information.

Doxing – Publishing personally identifiable information about an individual or organization.

Bot – is a software application that can be controlled remotely to execute or automate predefined tasks.

Warfare – or info war refers to the use of information and communication technologies to take advantage over an opponent.

Hacking – Unauthorized attempts to bypass the security mechanisms of an information system or network.

Hacker – is a person with excellent computer skills, with the ability to create and explore the computer software and hardware.

Ethical hacking – is the use of hacking tools and tricks to identify vulnerabilities so as to ensure the system security.

3- Elements of information security 
Confidentiality : The information is only accessible by persons authorized to.
Integrity : The trustworthiness of data.Availability: systems available to whom requires them.
Authenticity : Non-repudiation: not denying sending or receiving data.

4- Levels of Security
Levels of security in any system can be defined by the strength of three components which are functionality, security, and usability.
Functionality represents the features, security represents the restrictions and usability represent the graphical user interface (GUI).
We can find a close association between these three levels and move toward one of them is losing the two others.

II - Information Security Threats and attacks

Attack = motive + method + vulnerability

Threat categories:
Network threats.Host-based threats.Applications threats.
Some threats and attack vectors:
Cloud computing threats.
Advanced Persistent Threats (APT).
Viruses and worms.
BotnetsInsider attack.

Motives behind attacks:
Information theft.
Manipulating data.
Damaging the reputation of the target.
Propagating religious or political beliefs.
Taking revenge.

III - Hackers classes and hacking phases

A. Hackers classes
Black hats: are hackers with malicious intentions.

White hats: are ethical hackers.

Grey hats: are black and white hackers.

Suicide hackers: are hackers that are not afraid of going jail or facing any sort of punishment.

Script kiddies: Unskilled hackers who use real hackers’ tools and programs.

Cyber terrorists: hackers having religious or political beliefs with motive of creating a large-scale fear.

State sponsored hackers: hackers engaged by governments.

 Hacktivists: hackers promoting a political agenda or a social change.

B. Hacking phases:


1. Reconnaissance
Reconnaissance is the preparation phase. It seeks to gather information about the target. There’s two kind of reconnaissance; active and passive.
Active reconnaissance permits direct interaction by any mean with the target.Passive reconnaissance does not permit any direct interaction with the target.

2. Scanning
Scanning is the pre-attack phase, it’s done on the basis of information gathered during recon phase. This phase includes the usage of port scanners, net mappers, and many other tools.
Information extracted by the attacker during this phase are live machine, OS detail.

3. Gaining access
Gaining access is the point where the attacker obtains access to the system or the application. The attacker can then, escalate privileges to gain a complete control of the system.

4. Maintaining access
Maintaining access is the retention the system’s owner.

5. Cleaning tracks
Clearing tracks are hiding its malicious acts to prevent being uncovered.
This was an introduction to ethical hacking covering an overview of information security, threats, and attack vectors, it also covers hacker types and hacking phases. 

Labels:

Comments

Post a Comment

Popular posts from this blog

Hiding files inside an Image on Android

You can hide your files behind an image and this technique is called Steganography. So lets get started. What is Steganography Steganography is an art of hiding a file, message, audio, video, or image within another file, message, audio, video, or image. The word steganography comes from two greek words "steganos" (meaning: concealed) and "graphein" (meaning: writing). The basic difference between cryptography and Steganography is that in cryptography only the message is hidden, but in Steganography, the message and the secret communication are hidden. A lot of good steganographic tools are available for Windows, Mac, and Linux, but not that much for the Android operating system. Now lets see how you can do the same GETTING STARTED Here is how to hide any file inside any image file on android: 1. First, you have to download NiaStego and install it on your android device. 2. Open the app, then you will see a window as shown below. 3. T...
Post a Comment
Read more

Monitor secret connections that your computer makes.

How to see which websites your computer is secretly connecting to? Has your Internet connection become slower than it should be?  There may be a chance that you have some malware, spyware,  or adware that is using your Internet connection in the  background without your knowledge. Here’s how to see what’s  going on under the hood. It’s worth noting that most third-party firewalls will probably give you  this same type of information as well as block things that are trying to  connect… unless the applications managed to add an exclusion already.  Better check anyway. So, how do you find out what the problem is? There is an easy method using the netstat  command from a command prompt window. This works with Windows 10, 8, 7, Vista, and XP.  If you’re still using XP, make sure you are running at least Service Pack 2,  and just assume that somebody already hacked your computer because your operating  system is now a te...
Post a Comment
Read more

Fileless Ransomware - All you need to know.

Fileless Ransomware - All you need to know. Many global companies, banks, and even some government organizations are struggling to protect everything from the newest type of threat that scared the world — Fileless Ransomware. The new version of ransomware has arrived — it’s stealthy, almost impossible to detect and is forcing every vulnerable organization to pay the ransom to cyber criminals. These attacks are called “fileless” or non-malware ransomware attacks in which the attack executes malicious commands with Microsoft’s PowerShell. It’s really important to mention that Non-malware or file-less ransomware (unlike some traditional ransomware) does not use any of the files to encrypt your data, but instead it writes scripts/macros which originate from PowerShell to encrypt the files. Fileless malware is a unique type of software and it's really difficult to detect because the malicious code is embedded into the native scripting language or written straight in...
Post a Comment
Read more